Paytm App Asks For Root Permission; Finds An Easy Escape When Cornered!
Paytm users were in for a shock earlier this week when the app began asking for root privileges to their smartphones.
There has been a marked increase in the usage of digital payments that has made payments easier at the touch of a finger. One such app providing these services is Paytm. It is one of the oldest Indian players in this space and as such, it is one of the most trusted ones in India.
It is also the most popular mobile wallet in India. Starting with mobile wallet services Paytm has now diversified into payment banking, insurance and mutual funds.
So Paytm users were in for a shock earlier this week when the app began asking for root privileges to their smartphones.
Why did the Paytm app suddenly need the root privileges? Was it a genuine requirement?
Paytm: Give Us The Root Access To Your Smartphone
Early in last week, many Android device users reported that the Paytm app was asking for Root privileges. The tech website Beebom reached out to the Paytm support team on Twitter asking for an explanation. They received some vague explanations about requiring the root access to gather user information like the device’s OS version to ensure safety. They also stopped responding to further enquiry.
Now the other payment apps like BHIM app, also require the root access but rely on Android’s SafetyNet technology to get the required information regarding the device and the OS version.
For those who do not know, a root access basically allows full privileges to users or apps in the Android subsystem. But this also opens the window of opportunity for unethical elements to take undue advantage of the unprotected device.
While Paytm failed to satisfactorily answer Beebom or other folks, it did respond to Baptiste Robert, also known on Twitter as Elliot Anderson. He is a French security researcher who is interested in the security measures implemented in Indian apps. He interacted directly with Sr. Vice President at Paytm, Deepak Abbot. This is how their conversation went.
Root Access Permission No Longer Required By Paytm
After a few days, Elliot Anderson was contacted by Paytm informing him of the new update which no longer required the Paytm app to have access to root privileges. This was even confirmed by the team at Beebom.
The incident clearly highlights the fact that either Paytm does not have a technical team strong enough to handle the security issues and to make the online payments more secure its users or it did have some major security flaws which it did not want to own up to and had an easy escape by putting up an update when it was called out.
Paytm being the top mobile payment company has thus failed to provide the much-needed security to its users. Root access to any device gives anyone with malicious intent access to the user’s entire data, including financial data and sensitive material like passwords. Users need to be alert so as to avoid a security breach like granting root access to any app on their smartphone.